module.exports = function(page){
	//var pageController = page + "controller";
	var pageController = page + "controller";
	var controller = new require("../controllers/" + pageController);
	var express = require('express');
	var router = express.Router();

	/* GET home page. */
	router.get('/', function(req, res) {

	    res.cookie('cookiename', req.originalUrl);
		console.log('can_view_' + controller.CONTROLLER + ": " + HAS_ROLE('can_view_' + controller.CONTROLLER));
		//if(HAS_ROLE(global.USER_GROUP_ID, 'can_view_' + controller.PAGE)){
		if(HAS_ROLE(req.cookies.USER_GROUP_ID, 'can_view_' + controller.PAGE)){
			controller.search(req, res);
		}else{
			noPermission(res)
		}
	});
	
	router.post('/', function(req, res) {
	    res.cookie('cookiename', req.originalUrl);
		console.log('can_view_' + controller.CONTROLLER + ": " + HAS_ROLE('can_view_' + controller.CONTROLLER));
		//if(HAS_ROLE(global.USER_GROUP_ID, 'can_view_' + controller.PAGE)){
		if(HAS_ROLE(req.cookies.USER_GROUP_ID, 'can_view_' + controller.PAGE)){
			controller.search(req, res);
		}else{
			noPermission(res)
		}
	});
	
	router.post('/search', function(req, res) {
		console.log('can_view_' + controller.CONTROLLER + ": " + HAS_ROLE('can_view_' + controller.CONTROLLER));
		if(HAS_ROLE(req.cookies.USER_GROUP_ID, 'can_view_' + controller.PAGE)){
			controller.search(req, res);
		}else{
			noPermission(res)
		}
	});
	
	router.post('/search', function(req, res) {
		console.log('can_view_' + controller.CONTROLLER + ": " + HAS_ROLE('can_view_' + controller.CONTROLLER));
		if(HAS_ROLE(req.cookies.USER_GROUP_ID, 'can_view_' + controller.PAGE)){
			controller.search(req, res);
		}else{
			noPermission(res)
		}
	});

	router.get('/add', function(req, res) {
		if(HAS_ROLE(req.cookies.USER_GROUP_ID, 'can_add_' + controller.PAGE)){
			var saveRecord = false;
			controller.insert(req, res, false);//false - isFormSubmission
		}else{
			noPermission(res);
		}
	});
	
	router.post('/add', function(req, res) {
		if(HAS_ROLE(req.cookies.USER_GROUP_ID, 'can_add_' + controller.PAGE)){
			var saveRecord = true;
			controller.insert(req, res, true);//true - isFormSubmission
		}else{
			noPermission(res);
		}
	});

	router.get('/edit/:id', function(req, res) {
		if(HAS_ROLE(req.cookies.USER_GROUP_ID, 'can_edit_' + controller.PAGE)){
			controller.update(req, res, false ); //false - isFormSubmission
		}else{
			noPermission(res);
		}
	});

	router.post('/edit/:id', function(req, res) {
		if(HAS_ROLE(req.cookies.USER_GROUP_ID, 'can_edit_' + controller.PAGE)){
			controller.update(req, res, true ); //true - isFormSubmission
		}else{
			noPermission(res);
		}
	});

	router.get('/delete/:id', function(req, res) {
		if(HAS_ROLE(req.cookies.USER_GROUP_ID, 'can_delete_' + controller.PAGE)){
			controller.delete(req, res);
		}else{
			noPermission(res)
		}
	 //res.render(pageForm, { title: "ADD PAGE FOR " + page});
	  //res.render(pageList, { title: 'Express DELETE' + page + " -- " + controller.preDelete(req, res) + " --- " +  controller.postDelete(req, res) });
	});

	return router;
}
